Changed x509_internal.h methods as static.
Moved some functions under defined to get rid of compiler warnings.
Functions moved under defines:
- mbedtls_x509_get_alg
- mbedtls_x509_get_alg_null
- mbedtls_x509_get_time
- mbedtls_x509_get_ext
- mbedtls_x509_sig_alg_gets
- mbedtls_x509_key_size_helper
Left one function (mbedtls_x509_write_names) as non static as it increased code size.
diff --git a/library/x509.c b/library/x509.c
index 1310c91..4448f45 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -42,6 +42,11 @@
#include "mbedtls/asn1.h"
#include "mbedtls/oid.h"
+/* We include x509xxx.c files here so that x509.c is one compilation unit including
+ * all the x509 files. This is done because some of the internal functions are shared.
+ * For code size savings internal functions should be static so that compiler can do better job
+ * when optimizing. We don't wan't x509.c file to get too big so including .c files.
+ */
#include "x509_crl.c"
#include "x509_crt.c"
#include "x509_csr.c"
@@ -88,7 +93,7 @@
/*
* CertificateSerialNumber ::= INTEGER
*/
-int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end,
+static int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end,
mbedtls_x509_buf *serial )
{
int ret;
@@ -113,13 +118,32 @@
return( 0 );
}
+#if defined(MBEDTLS_X509_CRL_PARSE_C) || defined(MBEDTLS_X509_CSR_PARSE_C) || \
+ ( !defined(MBEDTLS_X509_ON_DEMAND_PARSING) && defined(MBEDTLS_X509_CRT_PARSE_C) )
+/*
+ * Parse an algorithm identifier with (optional) parameters
+ */
+static int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end,
+ mbedtls_x509_buf *alg, mbedtls_x509_buf *params )
+{
+ int ret;
+
+ if( ( ret = mbedtls_asn1_get_alg( p, end, alg, params ) ) != 0 )
+ return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
+
+ return( 0 );
+}
+#endif /* defined(MBEDTLS_X509_CRL_PARSE_C) || defined(MBEDTLS_X509_CSR_PARSE_C) ||
+ ( !defined(MBEDTLS_X509_ON_DEMAND_PARSING) && defined(MBEDTLS_X509_CRT_PARSE_C) ) */
+
+#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
/* Get an algorithm identifier without parameters (eg for signatures)
*
* AlgorithmIdentifier ::= SEQUENCE {
* algorithm OBJECT IDENTIFIER,
* parameters ANY DEFINED BY algorithm OPTIONAL }
*/
-int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end,
+static int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end,
mbedtls_x509_buf *alg )
{
int ret;
@@ -131,21 +155,6 @@
}
/*
- * Parse an algorithm identifier with (optional) parameters
- */
-int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end,
- mbedtls_x509_buf *alg, mbedtls_x509_buf *params )
-{
- int ret;
-
- if( ( ret = mbedtls_asn1_get_alg( p, end, alg, params ) ) != 0 )
- return( MBEDTLS_ERR_X509_INVALID_ALG + ret );
-
- return( 0 );
-}
-
-#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
-/*
* HashAlgorithm ::= AlgorithmIdentifier
*
* AlgorithmIdentifier ::= SEQUENCE {
@@ -213,7 +222,7 @@
* of trailerField MUST be 1, and PKCS#1 v2.2 doesn't even define any other
* option. Enfore this at parsing time.
*/
-int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params,
+static int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params,
mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md,
int *salt_len )
{
@@ -466,7 +475,7 @@
/*
* Like memcmp, but case-insensitive and always returns -1 if different
*/
-int mbedtls_x509_memcasecmp( const void *s1, const void *s2,
+static int mbedtls_x509_memcasecmp( const void *s1, const void *s2,
size_t len1, size_t len2 )
{
size_t i;
@@ -547,7 +556,7 @@
* This function can be used to verify that a buffer contains a well-formed
* ASN.1 encoded X.509 name by calling it with equal parameters.
*/
-int mbedtls_x509_name_cmp_raw( mbedtls_x509_buf_raw const *a,
+static int mbedtls_x509_name_cmp_raw( mbedtls_x509_buf_raw const *a,
mbedtls_x509_buf_raw const *b,
int (*abort_check)( void *ctx,
mbedtls_x509_buf *oid,
@@ -652,7 +661,7 @@
return( 0 );
}
-int mbedtls_x509_get_name( unsigned char *p,
+static int mbedtls_x509_get_name( unsigned char *p,
size_t len,
mbedtls_x509_name *cur )
{
@@ -663,6 +672,8 @@
&cur ) );
}
+#if ( !defined(MBEDTLS_X509_CRT_REMOVE_TIME) && defined(MBEDTLS_X509_CRT_PARSE_C) ) || \
+ defined(MBEDTLS_X509_CRL_PARSE_C)
static int x509_parse_int( unsigned char **p, size_t n, int *res )
{
*res = 0;
@@ -781,7 +792,7 @@
* utcTime UTCTime,
* generalTime GeneralizedTime }
*/
-int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end,
+static int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end,
mbedtls_x509_time *tm )
{
int ret;
@@ -810,8 +821,10 @@
return x509_parse_time( p, len, year_len, tm );
}
+#endif /* ( !defined(MBEDTLS_X509_CRT_REMOVE_TIME) && defined(MBEDTLS_X509_CRT_PARSE_C) ) ||
+ defined(MBEDTLS_X509_CRL_PARSE_C) */
-int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig )
+static int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig )
{
int ret;
size_t len;
@@ -835,7 +848,7 @@
return( 0 );
}
-int mbedtls_x509_get_sig_alg_raw( unsigned char **p, unsigned char const *end,
+static int mbedtls_x509_get_sig_alg_raw( unsigned char **p, unsigned char const *end,
mbedtls_md_type_t *md_alg,
mbedtls_pk_type_t *pk_alg,
void **sig_opts )
@@ -853,7 +866,7 @@
/*
* Get signature algorithm from alg OID and optional parameters
*/
-int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
+static int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
void **sig_opts )
{
@@ -901,11 +914,12 @@
return( 0 );
}
+#if defined(MBEDTLS_X509_CRL_PARSE_C)
/*
* X.509 Extensions (No parsing of extensions, pointer should
* be either manually updated or extensions should be parsed!)
*/
-int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
+static int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
mbedtls_x509_buf *ext, int tag )
{
int ret;
@@ -936,7 +950,7 @@
return( 0 );
}
-
+#endif /* defined(MBEDTLS_X509_CRL_PARSE_C) */
/*
* Store the name in printable form into buf; no more
* than size characters will be written
@@ -1038,7 +1052,7 @@
/*
* Helper for writing signature algorithms
*/
-int mbedtls_x509_sig_alg_gets( char *buf, size_t size, mbedtls_pk_type_t pk_alg,
+static int mbedtls_x509_sig_alg_gets( char *buf, size_t size, mbedtls_pk_type_t pk_alg,
mbedtls_md_type_t md_alg, const void *sig_opts )
{
int ret;
@@ -1093,12 +1107,11 @@
return( (int)( size - n ) );
}
-#endif /* !MBEDTLS_X509_REMOVE_INFO */
/*
* Helper for writing "RSA key size", "EC key size", etc
*/
-int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name )
+static int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name )
{
char *p = buf;
size_t n = buf_size;
@@ -1109,6 +1122,7 @@
return( 0 );
}
+#endif /* !MBEDTLS_X509_REMOVE_INFO */
#if defined(MBEDTLS_HAVE_TIME_DATE)
/*
diff --git a/library/x509_create.c b/library/x509_create.c
index 1639630..88148a6 100644
--- a/library/x509_create.c
+++ b/library/x509_create.c
@@ -126,7 +126,7 @@
return( cur );
}
-int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name )
+static int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name )
{
int ret = 0;
const char *s = name, *c = s;
@@ -211,7 +211,7 @@
/* The first byte of the value in the mbedtls_asn1_named_data structure is reserved
* to store the critical boolean for us
*/
-int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
+static int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
int critical, const unsigned char *val, size_t val_len )
{
mbedtls_asn1_named_data *cur;
@@ -292,7 +292,7 @@
return( (int) len );
}
-int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start,
+static int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len,
unsigned char *sig, size_t size )
{
@@ -361,7 +361,7 @@
* -- by extnID
* }
*/
-int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start,
+static int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start,
mbedtls_asn1_named_data *first )
{
int ret;
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 0d564f9..45107d4 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -109,7 +109,7 @@
static int x509_crt_ext_key_usage_from_frame( mbedtls_x509_crt_frame const *frame,
mbedtls_x509_sequence *ext_key_usage );
-int mbedtls_x509_crt_flush_cache_pk( mbedtls_x509_crt const *crt )
+static int mbedtls_x509_crt_flush_cache_pk( mbedtls_x509_crt const *crt )
{
#if defined(MBEDTLS_THREADING_C)
if( mbedtls_mutex_lock( &crt->cache->pk_mutex ) != 0 )
@@ -145,7 +145,7 @@
return( 0 );
}
-int mbedtls_x509_crt_flush_cache_frame( mbedtls_x509_crt const *crt )
+static int mbedtls_x509_crt_flush_cache_frame( mbedtls_x509_crt const *crt )
{
#if defined(MBEDTLS_THREADING_C)
if( mbedtls_mutex_lock( &crt->cache->frame_mutex ) != 0 )
@@ -188,7 +188,7 @@
static int x509_crt_frame_parse_ext( mbedtls_x509_crt_frame *frame );
-int mbedtls_x509_crt_cache_provide_frame( mbedtls_x509_crt const *crt )
+static int mbedtls_x509_crt_cache_provide_frame( mbedtls_x509_crt const *crt )
{
mbedtls_x509_crt_cache *cache = crt->cache;
mbedtls_x509_crt_frame *frame;
@@ -255,7 +255,7 @@
#endif /* !MBEDTLS_X509_ON_DEMAND_PARSING */
}
-int mbedtls_x509_crt_cache_provide_pk( mbedtls_x509_crt const *crt )
+static int mbedtls_x509_crt_cache_provide_pk( mbedtls_x509_crt const *crt )
{
mbedtls_x509_crt_cache *cache = crt->cache;
mbedtls_pk_context *pk;